Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-5711

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00431EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3122

Malicious code in bioql PyPI...

7CVSS6.9AI score0.00284EPSS
Exploits0References6
NVD
NVD
added 2018/01/10 6:29 p.m.19 views

CVE-2014-4995

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed...

7CVSS6.6AI score0.00284EPSS
Exploits0References5
NVD
NVD
added 2018/01/10 6:29 p.m.9 views

CVE-2014-4996

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

5.5CVSS5.4AI score0.00431EPSS
Exploits0References5
Cvelist
Cvelist
added 2018/01/10 6:0 p.m.17 views

CVE-2014-4995

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed...

6.6AI score0.00284EPSS
Exploits0References5
CVE
CVE
added 2018/01/10 6:0 p.m.51 views

CVE-2014-4995

Vulnerability CVE-2014-4995 affects the VladTheEnterprising Ruby gem (version ~0.2); a race condition in lib/vlad/dba/mysql.rb allows local users to obtain the MySQL root password from a temporary file before it is removed. Related advisories describe insecure temporary file handling and potentia...

7CVSS6.5AI score0.00284EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/01/10 12:0 a.m.27 views

Command injection vulnerability

VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.targethost file they can overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary...

7CVSS6.6AI score0.00284EPSS
Exploits0References1Affected Software1
RubySec
RubySec
added 2014/06/30 12:0 a.m.15 views

VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact

VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.targethost file they can overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary...

5.5CVSS2.6AI score0.00431EPSS
Exploits0References1
Rows per page
Query Builder